CN101894235B - Smart card security session system - Google Patents
Smart card security session system Download PDFInfo
- Publication number
- CN101894235B CN101894235B CN2010102380558A CN201010238055A CN101894235B CN 101894235 B CN101894235 B CN 101894235B CN 2010102380558 A CN2010102380558 A CN 2010102380558A CN 201010238055 A CN201010238055 A CN 201010238055A CN 101894235 B CN101894235 B CN 101894235B
- Authority
- CN
- China
- Prior art keywords
- session
- smart card
- secured session
- secured
- encryption
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
Images
Abstract
The invention aims to disclose a smart card security session system. The system comprises a smart card, wherein the smart card consists of a security session manager, a transmission manager, a command analyzer and an encryption and decryption module; the security session manager, the transmission manager and the command analyzer are connected one another; the encryption and decryption module is connected with the command analyzer; in the conventional smart card security system, the concept of security session is introduced, and the application program is associated with a request initiated per se by adopting a semi-permanent interactive information switching method with automatic recovery mechanism, which is established between the smart card and a terminal application program in a certain period, so as to ensure that the security sessions of different application programs are independent from one another; and in addition, once established, the security session exists all the time until the operation of the application program is finished or other conditions for stopping the security session occur; and the security of the session is protected by security session symmetric keys and a security session public and private key pair.
Description
Technical field
The present invention relates to the system of secure communication between a kind of end application and the smart card, the smart card security session system of particularly a kind of computer security and application of IC cards security fields.
Background technology
Smart card is as a kind of means that ensure E-Government, e-commerce security, and its range of application is more and more wider; The up-to-date RNCOS report of having issued of U.S. ROCKVILLE market study group about smart card; Its report expression will increase by 13% in smart card market in 2012; Thing followed problem is the safety that how to ensure smart card self; For example how to take into account the reliability and the dirigibility of smart card, how to take into account smart card facility and data security in use or the like.
The security of smart card is to be ensured by its security system, and the research of smart card security system is mainly concentrated on aspects such as safe access control model and device authentication model at present; The security system of smart card is part and parcel very among the COS (Card Operating System) of smart card, comprises three parts: security attribute, safe condition and security mechanism;
Security attribute is that smart card is carried out the more needed conditions of certain instruction, have only smart card to satisfy these conditions, and this instruction is only and can carries out.
Safe condition is meant smart card at a kind of level of security of present located, and this level of security finishes reset answer or after it handles certain operational order, obtains at smart card.
Security mechanism is that safe condition is realized shifting transfer method and the means that adopted, and generally includes password and differentiates, password is differentiated, data discriminating and data encryption etc.
Press ISO/IEC 7816 standard codes; Data in the smart card in user memory with the form organize of tree type file structure; The security attribute and the internal file of smart card are associated; Specifically be meant the part of certain file or file is carried out the state that certain operation must reach the time, be sometimes referred to as access rights; The appointment when access rights of file are founded at file, the access rights of key are write fashionable appointment at key; Through safe condition and security attribute are set, the read-write operation of control documents effectively, thus guarantee the privacy of data.
As shown in Figure 1, the security system of combined with intelligent card and file system, the application controls flow process of existing smart card is following:
Each application is made up of some concrete instructions, and these instructions all are the operations to file in the smart card usually; The execution of instruction has certain sequencing, and the execution of a back instruction must be based upon on the basis of previous instruction completion;
With use each relevant smart card file and have own security attribute, these attributes have been stipulated to instruct file have been operated the preceding safety condition that should satisfy; In the implementation of an instruction, can represent the safe condition of file with the set of the current safety condition that has satisfied of file;
Each instruction must meet certain safety condition before certain concrete file of visit; In case this condition is satisfied, instruction just can be carried out, and changes the current safe condition of file according to corresponding security mechanisms;
All instructions of carrying out the perhaps application that makes a mistake when instruction all are finished, and the safe condition of file is reset and is the initial safe state.
Before using end, along with the execution of instruction, the safe condition of file is changed, and the file access authority that instruction is possessed progressively promotes, to satisfy application need.
In the particular content of smart card security system, most of realization all is based on the authentication to smart card, to guarantee the safety at terminal; Angle from smart card; Also face similar safety problem; End application promptly how to confirm current transmission instruction is same with last end application through the checking of smart card security system, and whether the instruction of for example carrying out file operation is the legal successor operation of the instruction of previous change file operation pattern.
As shown in Figure 1, existing smart card security system can not ensure it is the state transition that same application causes, thereby possibly have following attack pattern:
Bypass attack: mutual when legal process, through behind the safety verification with shared model and smart card; The smart card security state can promote and keep certain hour; Before application operating finishes; Illegal process will be utilized the smart card security conditional access smart card that has promoted, even the key file in the replacement card, stops carrying out smoothly etc. of legal operation; If the total ban shared model then can influence a plurality of application simultaneously to the visit of smart card.
Man-in-the-middle attack: the assailant will attack software through various technological means or hardware unit is placed between the valid application program at smart card and terminal; The content of communicating by letter between them is kept watch on, distorted to pass-along message between smart card and real application program simultaneously.
In sum,, need a kind of security session system of smart card especially, with the safety issue of the smart card mentioned more than solving to the above-mentioned defective that existing smart card security system exists.
Summary of the invention
The object of the present invention is to provide a kind of smart card security session system; Deficiency to prior art; Solve the problem of smart card security property in the prior art; Based on the smart card security conversation mechanism of asymmetric techniques,, realize the smart card security session by complete safe communication mechanism flow process through the mode of communication security session.
The technical matters that the present invention solved can adopt following technical scheme to realize:
A kind of smart card security session system; Comprise smart card; It is characterized in that said smart card is made up of secure session management device, delivery manager, command analysis device and encryption and decryption module, presets the secured session public private key pair in the said smart card; Said secure session management device, delivery manager and command analysis device are connected mutually, and said encryption and decryption module is connected mutually with said command analysis device; End application is initiated secured session; Produce random number as the secured session symmetric key by end application; And with the secured session public key encryption secured session symmetric key of smart card, the delivery manager through smart card sends to the command analysis device then, and the secured session private key deciphering that the command analysis device calls in the encryption and decryption module obtains the secured session symmetric key; And send the secure session management device to; The secure session management device generates the secured session sign, does mapping with the secured session symmetric key, then the secured session sign is used the secured session symmetric key encryption; Return to end application, set up end application and be connected with a secured session of smart card communications.
In one embodiment of the invention; When end application carries out follow-up smart card operation; Send the secured session sign through delivery manager and with the instruction and the summary thereof of random number encryption by end application; The command analysis device of smart card is inquired about corresponding secured session symmetric key according to secured session sign to the secure session management device, execution is resolved in instruction after calling the encryption and decryption module decrypts then.
In one embodiment of the invention; Employing possesses the smart card of the two card systems of typical case; The secured session public private key pair that said encryption and decryption module is used comprises that by the public private key pair that is used for encryption and decryption of CA trustship and the public private key pair that is used to sign that is generated voluntarily by COS the public and private key of the secured session that said encryption and decryption module is used adopts the public private key pair that is used for encryption and decryption of CA trustship.
In one embodiment of the invention, the life cycle of the secured session of said secure session management device comprises that secured session initialization, secured session communication and secured session resource discharge.
Further, in the secured session implementation, make a mistake, secured session stops automatically, and the secure session management device discharges the secured session resource automatically.
Further, the execution time of secured session surpasses the time restriction of secure session management device, and secured session stops automatically, and the secured session resource is released.
Further, power down in the communication process, secure session management device reset all, the secured session resource is released.
Smart card security session system of the present invention mainly has following advantage:
1, the uniqueness of communication.Promptly in a secured session, with smart card communications to as if confirm that the different security session id is indicated different communication objects, from the corresponding different security session id of the different application program at same terminal.
2, the consistance of communications status.When smart card and a plurality of interapplication communications, it is very important keeping the consistance of secured session state; Otherwise, when the user when an application program new rather than that preserve secured session information is at the beginning submitted access request to, smart card can have problems because knowing original secured session state.The foundation of secured session, independently of one another between the smart card security state that is had influence on when making different application and smart card communications, ensured the consistance of communications status.
Smart card security session system of the present invention; In existing smart card security system; Introduce the notion of secured session; Adopt and to set up a kind of semi-permanent, that have machine for automatically recovering system, the interactively information exchange system between smart card and end application within a certain period of time, the application program and the request of self sending are associated, thereby make that the secured session of different application programs is separate; In addition, secured session is in case foundation just should exist always, and up to the application program EO, perhaps other situation that make secured session stop occur; Security of conversation realizes the object of the invention by secured session symmetric key and the protection of secured session public private key pair.
Characteristics of the present invention can consult this case graphic and below better embodiment detailed description and obtain to be well understood to.
Description of drawings
Fig. 1 is the process flow diagram of the application work of existing smart card security system;
Fig. 2 is the structured flowchart of the smart card of smart card security session system of the present invention;
Fig. 3 is the workflow synoptic diagram of smart card security session system of the present invention.
Embodiment
For technological means, creation characteristic that the present invention is realized, reach purpose and effect and be easy to understand and understand, below in conjunction with concrete diagram, further set forth the present invention.
Like Fig. 2, shown in Figure 3; Smart card security session system of the present invention; Comprise smart card 100; Smart card 100 is made up of secure session management device 110, delivery manager 120, command analysis device 130 and encryption and decryption module 140, and secure session management device 110, delivery manager 120 and command analysis device 130 are connected mutually, and encryption and decryption module 140 is connected mutually with command analysis device 130; In the present invention, encryption and decryption module 140 comprises asymmetric encryption and decryption module 141 and symmetrical encryption and decryption module 142.
The major function of delivery manager 120 is the electric signals that receive from terminal hardware, converts logical data to and passes to the command analysis device; To pass to terminal hardware with electric signal from the response message of smart card.
The major function of command analysis device 130 is to decipher the secured session symmetric key at the secured session initial phase with the secured session private key, and to the instruction dissection process; After secured session is set up, with secured session symmetric key decryption instructions, and to the instruction dissection process.Call encryption and decryption module 140 and obtain secured session sign ID, secured session symmetric key R and cmd, and instruction is resolved.
Encryption and decryption module 140 comprises asymmetric encryption and decryption module 141 and symmetrical encryption and decryption module 142.Asymmetric encryption and decryption module 141 employed public private key pairs can be by the public private key pair that is used for encryption and decryption of CA trustship or the public private key pair that is used to sign that is generated voluntarily by COS; Symmetry encryption and decryption module 142 employed symmetric keys are the random number R that generated by end application.The function of encryption and decryption module 140 is the initial phases in secured session; Call asymmetric encryption and decryption module 141 usefulness secured session private keys deciphering and obtain random number R; R is submitted to session manager 110 as the secured session symmetric key, and bind with secured session sign ID that the secure session management device generates; After session is set up, according to secured session sign ID, obtain the secured session symmetric key from the inquiry of secure session management device, call symmetrical encryption and decryption module 142 decryption instructions, and hand over the command analysis device to resolve the back and carry out.
The major function of secure session management device 110 is session informations that management comprises secured session sign ID and secured session symmetric key R, and revises corresponding safe condition according to session information.
End application is initiated secured session; Produce random number R by end application and also use the secured session public key encryption as the secured session symmetric key; Secured session symmetric key after the encryption is sent out the delivery manager 120 to smart card 100, is passed to command analysis device 130; Command analysis device 130 calls asymmetric encryption and decryption module 141 usefulness secured session private keys deciphering and obtains secured session symmetric key R, carries out then and creates session work, and R sends to secure session management device 110 with the secured session symmetric key; Secure session management device 110 produces secured session sign ID; Secured session symmetric key R and secured session sign ID are bound; Return the secured session sign ID that has done symmetric cryptography with secured session symmetric key R then and give end application, set up a session with end application with this; After session foundation, when end application is visited smart card 100, make a summary through delivery manager 120 transmission secured sessions sign ID with the instruction of secured session symmetric key R encryption and the hash of instruction by end application; Command analysis device 130 is after the instruction that receives encryption; Contrast secured session sign ID searches corresponding secured session symmetric key R at secure session management device 110; Call symmetric cryptography module 142 usefulness secured session symmetric key R deciphering and obtain instruction and summary thereof; After the checking through instruction, carry out command execution.
In the present invention, the life cycle of the secured session of secure session management device 110 comprises that secured session initialization, secured session communication and secured session resource discharge.
Can set up the smart card 100 of secured session and must can support asymmetric encryption and decryption functions, just need a pair of public private key pair that can carry out encryption and decryption, encipherment protection is carried out in the communication during to the establishment session.In the present invention, asymmetric encryption and decryption module 141 employed keys comprise that the public private key pair that is used for encryption and decryption by the CA trustship (is designated as PK
1And SK
1) or the public private key pair (PK that is used to sign that generates voluntarily by COS
2And SK
2).For the smart card that adopts two card systems, the public private key pair that is used for encryption and decryption by the CA trustship is used in general recommendations.
At the initial phase of secured session, smart card also need generate the sign ID of end application, is used to distinguish the different terminal application program.Secured session has certain life span, and the secure session management device both can define different security session life span, also can carry out unified life span restriction to all secured sessions.
The last stage of secured session is that the resource of secured session discharges.Except the terminal initiatively terminates the situation of a secured session, below any one situation when occurring, the secured session resource just is released:
1, in the secured session implementation, make a mistake, secured session stops automatically, and secure session management device 110 discharges the secured session resource automatically;
2, the execution time of secured session surpasses the time restriction of secure session management device 110, and secured session stops automatically, and the secured session resource is released;
3, power down in the communication process, secure session management device 110 reset alls, the secured session resource is released.
Embodiment
Based on above smart card system design, the present invention is an example with asymmetric encryption and decryption RSA Algorithm and symmetric cryptography 3DES algorithm, supposes to have on the smart card public private key pair PK that is used for encryption and decryption of CA trustship
1And SK
1, to as the secured session public private key pair, following smart card security session communication workflow is proposed: (referring to Fig. 3) with this key
1) end application reads PKI on the smart card as secured session PKI PK
1
2) end application generates random number R, with secured session PKI PK
1Encrypted random number R obtains R
PK1And it is issued smart card;
3) smart card is with secured session private key SK
1Deciphering R
PK1Obtain random number R, generate the secured session sign ID of current application program then, 110 keeping records of secure session management device are to S:ID<->R, wherein ID is used to identify current secure session, and R is as this secured session symmetric key; Smart card identifies ID with secured session and uses the R symmetric cryptography, encrypting resulting ID
RReturn to end application;
4) end application is deciphered ID with R
RObtain ID;
5) the instruction cmd that need to carry out of end application generation, and to the digest calculations hash value of cmd will instruct and make a summary then and one reinstate the random number R symmetric cryptography, together with secured session sign ID, and composition bit string C:ID+ (cmd+cmd
Hash)
RSend to smart card;
6) after smart card is received bit string C, through comparison secured session sign ID, obtain corresponding secured session symmetric key R, encrypted instruction obtains cmd and calculates its hash value among the deciphering C, the checking summary;
7) if the 6th step card passes through, then cmd carries out; Otherwise smart card returns to end application with error message, and writes down the number of times of makeing mistakes; Reach the fault-tolerant upper limit when repeatedly makeing mistakes, secure session management device 110 will be removed record S, replacement smart card initial safe state, termination of security session;
8) if application program also has other cmd to need to carry out, repeat the operation of the 5th, 6,7 steps;
9) if the application program EO, then terminal proactive notification smart card closed safe session discharges the secured session resource.
Smart card security session system of the present invention is set up secured session between end application and smart card, can solve the problem of bypass attack, man-in-the-middle attack; In the application of common smart card; The U shield that uses like Web bank, citizen's card, social security card etc.; There is not conversation mechanism in the reciprocal process of terminal and smart card, and smart card can't confirm which kind of state current terminal is in, so possibly can't avoid the bypass attack behavior; Smart card security session system of the present invention is through adding secured session mechanism, can prevent that to a certain extent the illegal terminal program from visiting smartcard internal information with bypass mode or go-between's mode.
More than show and described ultimate principle of the present invention and principal character and advantage of the present invention.The technician of the industry should understand; The present invention is not restricted to the described embodiments; That describes in the foregoing description and the instructions just explains principle of the present invention, and under the prerequisite that does not break away from spirit and scope of the invention, the present invention also has various changes and modifications; These variations and improvement all fall in the scope of the invention that requires protection, and the present invention requires protection domain to be defined by appending claims and equivalent thereof.
Claims (7)
1. smart card security session system; Comprise smart card; It is characterized in that said smart card is made up of secure session management device, delivery manager, command analysis device and encryption and decryption module, presets the secured session public private key pair in the said smart card; Said secure session management device, command analysis device are connected with delivery manager successively, and said encryption and decryption module is connected mutually with said command analysis device; End application is initiated secured session; Produce random number as the secured session symmetric key by end application; And with the secured session public key encryption secured session symmetric key of smart card, the delivery manager through smart card sends to the command analysis device then, and the secured session private key deciphering that the command analysis device calls in the encryption and decryption module obtains the secured session symmetric key; And send the secure session management device to; The secure session management device generates the secured session sign, does mapping with the secured session symmetric key, then the secured session sign is used the secured session symmetric key encryption; Return to end application, set up end application and be connected with a secured session of smart card communications.
2. smart card security session system as claimed in claim 1; It is characterized in that; When end application carries out follow-up smart card operation; Send the secured session sign through delivery manager and with the instruction and the summary thereof of random number encryption, the command analysis device of smart card identifies according to secured session and inquires about corresponding secured session symmetric key to the secure session management device by end application, execution is resolved in instruction after calling the encryption and decryption module decrypts then.
3. smart card security session system as claimed in claim 1 is characterized in that, the secured session public private key pair that said encryption and decryption module is used comprises by the public private key pair that is used for encryption and decryption of CA trustship and the public private key pair that is used to sign that is generated voluntarily by COS.
4. smart card security session system as claimed in claim 1 is characterized in that, the life cycle of the secured session of said secure session management device comprises that secured session initialization, secured session communication and secured session resource discharge.
5. smart card security session system as claimed in claim 4 is characterized in that, in the secured session implementation, makes a mistake, and secured session stops automatically, and the secure session management device discharges the secured session resource automatically.
6. smart card security session system as claimed in claim 4 is characterized in that, the execution time of secured session surpasses the time restriction of secure session management device, and secured session stops automatically, and the secured session resource is released.
7. smart card security session system as claimed in claim 4 is characterized in that, power down in the communication process, and secure session management device reset all, the secured session resource is released.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2010102380558A CN101894235B (en) | 2010-07-27 | 2010-07-27 | Smart card security session system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2010102380558A CN101894235B (en) | 2010-07-27 | 2010-07-27 | Smart card security session system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN101894235A CN101894235A (en) | 2010-11-24 |
| CN101894235B true CN101894235B (en) | 2012-02-01 |
Family
ID=43103425
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2010102380558A Expired - Fee Related CN101894235B (en) | 2010-07-27 | 2010-07-27 | Smart card security session system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN101894235B (en) |
Families Citing this family (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101930552B (en) * | 2010-08-17 | 2015-04-01 | 公安部第三研究所 | Method for identifying communication object of smart card |
| CN101984449B (en) * | 2010-11-30 | 2013-01-02 | 公安部第三研究所 | Smart card COS operating system |
| CN102082790B (en) * | 2010-12-27 | 2014-03-05 | 北京握奇数据系统有限公司 | Method and device for encryption/decryption of digital signature |
| CN103532714A (en) * | 2012-07-06 | 2014-01-22 | 中国银联股份有限公司 | Method and system for transmitting data from data provider to intelligent card |
| CN104104646B (en) * | 2013-04-02 | 2017-08-25 | 中国银联股份有限公司 | Security information interaction system, device and method based on safety barrier proactive command |
| CN104703175B (en) * | 2013-12-04 | 2021-10-19 | 苏州海博智能系统有限公司 | Data security protection method and device for mobile terminal |
| CN105721143B (en) * | 2016-01-30 | 2019-05-10 | 飞天诚信科技股份有限公司 | The method and apparatus that a kind of pair of application of IC cards is initialized |
| CN106571907A (en) * | 2016-11-11 | 2017-04-19 | 哈尔滨安天科技股份有限公司 | Method and system for securely transmitting data between upper computer and USB flash disk |
| CN107528689B (en) * | 2017-09-18 | 2020-10-02 | 上海动联信息技术股份有限公司 | Password modification method based on Ukey |
Family Cites Families (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20060085848A1 (en) * | 2004-10-19 | 2006-04-20 | Intel Corporation | Method and apparatus for securing communications between a smartcard and a terminal |
| EP1850255B1 (en) * | 2006-04-28 | 2013-09-25 | BlackBerry Limited | System and method for managing multiple smart card sessions |
-
2010
- 2010-07-27 CN CN2010102380558A patent/CN101894235B/en not_active Expired - Fee Related
Also Published As
| Publication number | Publication date |
|---|---|
| CN101894235A (en) | 2010-11-24 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN101894235B (en) | Smart card security session system | |
| CN1269071C (en) | Storage card | |
| RU2399087C2 (en) | Safe data storage with integrity protection | |
| CN114218592A (en) | Sensitive data encryption and decryption method and device, computer equipment and storage medium | |
| CN101102180B (en) | Inter-system binding and platform integrity verification method based on hardware security unit | |
| CN104380652A (en) | Multi-issuer secure element partition architecture for NFC enabled devices | |
| CN102456193A (en) | Mobile storage equipment and data processing system and method based on same | |
| CN101727558B (en) | Method for clearing password of computer, computer and server | |
| CN102693385A (en) | Embedded terminal based on SD (secure digital) trusted computing module and implementation method thereof | |
| CN110598429B (en) | Data encryption storage and reading method, terminal equipment and storage medium | |
| CN104123506A (en) | Data access method and device and data encryption storage and access method and device | |
| CN103812649A (en) | Method and system for safety access control of machine-card interface, and handset terminal | |
| CN104484628B (en) | It is a kind of that there is the multi-application smart card of encrypting and decrypting | |
| CN101534299A (en) | Information security device based on SD Memory/SDIO interfaces and data communication method therefor | |
| CN107784207A (en) | Display methods, device, equipment and the storage medium at financial APP interfaces | |
| CN209402526U (en) | The key storage device of safety chip | |
| CN111245620B (en) | Mobile security application architecture in terminal and construction method thereof | |
| CN108573181B (en) | RFID reader-writer, RFID system and block chain network | |
| CN111435389A (en) | Power distribution terminal operation and maintenance tool safety protection system | |
| CN102868521B (en) | Method for enhancing secret key transmission of symmetrical secret key system | |
| WO2015154469A1 (en) | Database operation method and device | |
| CN202600714U (en) | Embedded terminal based on SD (Secure Digital) trusted computing module | |
| CN1101024C (en) | Method and device for encrypting computer hard disc | |
| CN101930552A (en) | Method for identifying communication object of smart card | |
| CN103514540A (en) | USBKEY business realization method and system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| CF01 | Termination of patent right due to non-payment of annual fee | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20120201 Termination date: 20170727 |